1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class department extends plugin
24 {
25 /* department attributes */
26 var $ou= "";
27 var $description= "";
28 var $base= "";
29 var $st= "";
30 var $l= "";
31 var $postalAddress= "";
32 var $businessCategory= "";
33 var $telephoneNumber= "";
34 var $facsimileTelephoneNumber= "";
35 var $orig_dn= "";
36 var $is_administrational_unit= false;
37 var $gosaUnitTag= "";
38 var $view_logged = FALSE;
40 /* Headpage attributes */
41 var $last_dep_sorting= "invalid";
42 var $departments= array();
43 var $must_be_tagged = false;
45 /* attribute list for save action */
46 var $attributes= array("ou", "description", "businessCategory", "st", "l", "postalAddress",
47 "telephoneNumber", "facsimileTelephoneNumber", "gosaUnitTag");
48 var $objectclasses= array("top", "gosaDepartment", "organizationalUnit");
49 var $initially_was_tagged = false;
51 var $orig_base = "";
52 var $orig_ou = "";
54 function department (&$config, $dn)
55 {
57 plugin::plugin($config, $dn);
58 $this->is_account= TRUE;
59 $this->ui= get_userinfo();
60 $this->dn= $dn;
61 $this->orig_dn= $dn;
62 $this->orig_ou= $this->ou;
63 $this->config= $config;
65 /* Set base */
66 if ($this->dn == "new"){
67 $ui= get_userinfo();
68 if(session::is_set('CurrentMainBase')){
69 $this->base = session::get('CurrentMainBase');
70 }else{
71 $this->base= dn2base($ui->dn);
72 }
73 } else {
74 $this->base= preg_replace ("/^[^,]+,/", "", $this->dn);
75 }
77 $this->orig_base = $this->base;
79 /* Is administrational Unit? */
80 if ($dn != "new" && in_array_ics('gosaAdministrativeUnit', $this->attrs['objectClass'])){
81 $this->is_administrational_unit= true;
82 $this->initially_was_tagged = true;
83 }
84 }
86 function execute()
87 {
88 /* Call parent execute */
89 plugin::execute();
91 /* Log view */
92 if($this->is_account && !$this->view_logged){
93 $this->view_logged = TRUE;
94 new log("view","department/".get_class($this),$this->dn);
95 }
97 /* Reload departments */
98 $this->config->get_departments($this->dn);
99 $this->config->make_idepartments();
100 $smarty= get_smarty();
102 $tmp = $this->plInfo();
103 foreach($tmp['plProvidedAcls'] as $name => $translation){
104 $smarty->assign($name."ACL",$this->getacl($name));
105 }
107 /* Base select dialog */
108 $once = true;
109 foreach($_POST as $name => $value){
110 if((preg_match("/^chooseBase/",$name) && $once) && ($this->acl_is_moveable())){
111 $once = false;
112 $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
113 $this->dialog->setCurrentBase($this->base);
114 }
115 }
117 /* Dialog handling */
118 if(is_object($this->dialog)){
119 /* Must be called before save_object */
120 $this->dialog->save_object();
122 if($this->dialog->isClosed()){
123 $this->dialog = false;
124 }elseif($this->dialog->isSelected()){
126 /* A new base was selected, check if it is a valid one */
127 $tmp = $this->get_allowed_bases();
128 if(isset($tmp[$this->dialog->isSelected()])){
129 $this->base = $this->dialog->isSelected();
130 }
132 $this->dialog= false;
133 }else{
134 return($this->dialog->execute());
135 }
136 }
138 /* Hide all departments, that are subtrees of this department */
139 $bases = $this->get_allowed_bases();
140 if(($this->dn == "new")||($this->dn == "")){
141 $tmp = $bases;
142 }else{
143 $tmp = array();
144 foreach($bases as $dn=>$base){
145 $fixed = str_replace("/","\\",$this->dn);
146 /* Only attach departments which are not a subtree of this one */
147 if(!preg_match("/".$fixed."/",$dn)){
148 $tmp[$dn]=$base;
149 }
150 }
151 }
152 $smarty->assign("bases", $tmp);
154 foreach ($this->attributes as $val){
155 $smarty->assign("$val", $this->$val);
156 }
157 $smarty->assign("base_select", $this->base);
159 /* Set admin unit flag */
160 if ($this->is_administrational_unit) {
161 $smarty->assign("unitTag", "checked");
162 } else {
163 $smarty->assign("unitTag", "");
164 }
166 return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
167 }
169 function clear_fields()
170 {
171 $this->dn = "";
172 $this->base = "";
174 foreach ($this->attributes as $val){
175 $this->$val= "";
176 }
177 }
179 function remove_from_parent()
180 {
181 $ldap= $this->config->get_ldap_link();
182 $ldap->cd ($this->dn);
183 $ldap->recursive_remove();
184 new log("remove","department/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
185 if (!$ldap->success()){
186 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_DEL, get_class()));
187 }
189 /* Optionally execute a command after we're done */
190 $this->handle_post_events('remove');
191 }
193 function must_be_tagged()
194 {
195 return $this->must_be_tagged;
196 }
198 /* Save data to object */
199 function save_object()
200 {
201 if (isset($_POST['dep_generic_posted'])){
203 /* Create a base backup and reset the
204 base directly after calling plugin::save_object();
205 Base will be set seperatly a few lines below */
206 $base_tmp = $this->base;
207 plugin::save_object();
208 $this->base = $base_tmp;
210 /* Set new base if allowed */
211 $tmp = $this->get_allowed_bases();
212 if(isset($_POST['base'])){
213 if(isset($tmp[$_POST['base']])){
214 $this->base= $_POST['base'];
215 }
216 }
218 /* Save tagging flag */
219 if ($this->acl_is_writeable("unitTag")){
220 if (isset($_POST['unitTag'])){
221 $this->is_administrational_unit= true;
222 } else {
223 $this->is_administrational_unit= false;
224 }
225 }
226 }
227 }
230 /* Check values */
231 function check()
232 {
233 /* Call common method to give check the hook */
234 $message= plugin::check();
236 /* Check for presence of this department */
237 $ldap= $this->config->get_ldap_link();
238 $ldap->ls ("(&(ou=".$this->ou.")(objectClass=organizationalUnit))", $this->base, array('dn'));
239 if ($this->orig_dn == "new" && $ldap->count()){
240 $message[]= msgPool::duplicated(_("Name"));
241 } elseif ($this->orig_dn != $this->dn && $ldap->count()){
242 $message[]= msgPool::duplicated(_("Name"));
243 }
245 /* All required fields are set? */
246 if ($this->ou == ""){
247 $message[]= msgPool::required(_("Name"));
248 }
249 if ($this->description == ""){
250 $message[]= msgPool::required(_("Description"));
251 }
253 if(tests::is_department_name_reserved($this->ou,$this->base)){
254 $message[]= msgPool::reserved(_("Name"));
255 }
257 if (preg_match ('/[#+:=>\\\\\/]/', $this->ou)){
258 $message[]= msgPool::invalid(_("Name"), $this->ou, "/[^#+:=>\\\\\/]/");
259 }
260 if (!tests::is_phone_nr($this->telephoneNumber)){
261 $message[]= msgPool::invalid(_("Phone"), $this->telephoneNumber, "/[\/0-9 ()+*-]/");
262 }
263 if (!tests::is_phone_nr($this->facsimileTelephoneNumber)){
264 $message[]= msgPool::invalid(_("Fax"), $this->facsimileTelephoneNumber, "/[\/0-9 ()+*-]/");
265 }
267 return $message;
268 }
271 /* Save to LDAP */
272 function save()
273 {
274 $ldap= $this->config->get_ldap_link();
276 /* Add tag objects if needed */
277 if ($this->is_administrational_unit){
279 /* If this wasn't tagged before add oc an reset unit tag */
280 if(!$this->initially_was_tagged){
281 $this->objectclasses[]= "gosaAdministrativeUnit";
282 $this->gosaUnitTag= "";
284 /* It seams that this method is called twice,
285 set this to true. to avoid adding this oc twice */
286 $this->initially_was_tagged = true;
287 }
289 if ($this->gosaUnitTag == ""){
291 /* It's unlikely, but check if already used... */
292 $try= 5;
293 $ldap->cd($this->config->current['BASE']);
294 while ($try--){
296 /* Generate microtime stamp as tag */
297 list($usec, $sec)= explode(" ", microtime());
298 $time_stamp= preg_replace("/\./", "", $sec.$usec);
300 $ldap->search("(&(objectClass=gosaAdministrativeUnit)(gosaUnitTag=$time_stamp))",array("gosaUnitTag"));
301 if ($ldap->count() == 0){
302 break;
303 }
304 }
305 if($try == 0) {
306 msg_dialog::display(_("Fatal error"), _("Cannot find an unused tag for this administrative unit!"), WARNING_DIALOG);
307 return;
308 }
309 $this->gosaUnitTag= preg_replace("/\./", "", $sec.$usec);
310 }
311 }
312 $this->skipTagging = TRUE;
313 plugin::save();
316 /* Remove tag information if needed */
317 if (!$this->is_administrational_unit && $this->initially_was_tagged){
318 $tmp= array();
320 /* Remove gosaAdministrativeUnit from this plugin */
321 $has_unit_tag= false;
322 foreach($this->attrs['objectClass'] as $oc){
323 if (!preg_match("/^gosaAdministrativeUnit$/i", $oc)){
324 $tmp[]= $oc;
325 }
326 if (preg_match("/^gosaAdministrativeUnitTag$/i", $oc)){
327 $has_unit_tag= true;
328 }
329 }
330 $this->attrs['objectClass']= $tmp;
331 $this->attrs['gosaUnitTag']= array();
332 $this->gosaUnitTag = "";
333 }
336 /* Write back to ldap */
337 $ldap->cat($this->dn, array('dn'));
338 $ldap->cd($this->dn);
340 if ($ldap->count()){
341 $this->cleanup();
342 $ldap->modify ($this->attrs);
343 new log("modify","department/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
344 $this->handle_post_events('modify');
345 } else {
346 $ldap->add($this->attrs);
347 $this->handle_post_events('add');
348 new log("create","department/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
349 }
350 if (!$ldap->success()){
351 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
352 }
354 /* The parameter forces only to set must_be_tagged, and don't touch any objects
355 This will be done later */
356 $this->tag_objects(true);
358 /* Optionally execute a command after we're done */
359 $this->postcreate();
360 return(false);
361 }
364 /* Tag objects to have the gosaAdministrativeUnitTag */
365 function tag_objects($OnlySetTagFlag = false)
366 {
367 if(!$OnlySetTagFlag){
368 $smarty= get_smarty();
369 /* Print out html introduction */
370 echo ' <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
371 <html>
372 <head>
373 <title></title>
374 <style type="text/css">@import url("themes/default/style.css");</style>
375 <script language="javascript" src="include/focus.js" type="text/javascript"></script>
376 </head>
377 <body style="background: none; margin:4px;" id="body" >
378 ';
379 echo "<h3>".sprintf(_("Tagging '%s'."),"<i>".@LDAP::fix($this->dn)."</i>")."</h3>";
380 }
382 $add= $this->is_administrational_unit;
383 $len= strlen($this->dn);
384 $ldap= $this->config->get_ldap_link();
385 $ldap->cd($this->dn);
386 if ($add){
387 $ldap->search('(!(&(objectClass=gosaAdministrativeUnitTag)(gosaUnitTag='.
388 $this->gosaUnitTag.')))', array('dn'));
389 } else {
390 $ldap->search('objectClass=gosaAdministrativeUnitTag', array('dn'));
391 }
393 $objects = array();
394 while ($attrs= $ldap->fetch()){
395 $objects[] = $attrs;
396 }
397 foreach($objects as $attrs){
399 /* Skip self */
400 if ($attrs['dn'] == $this->dn){
401 continue;
402 }
404 /* Check for confilicting administrative units */
405 $fix= true;
406 foreach ($this->config->adepartments as $key => $tag){
407 /* This one is shorter than our dn, its not relevant... */
408 if ($len >= strlen($key)){
409 continue;
410 }
412 /* This one matches with the latter part. Break and don't fix this entry */
413 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $attrs['dn'])){
414 $fix= false;
415 break;
416 }
417 }
419 /* Fix entry if needed */
420 if ($fix){
421 if($OnlySetTagFlag){
422 $this->must_be_tagged =true;
423 return;
424 }
425 $this->handle_object_tagging($attrs['dn'], $this->gosaUnitTag, TRUE );
426 echo "<script language=\"javascript\" type=\"text/javascript\">scrollDown2();</script>" ;
427 }
428 }
430 if(!$OnlySetTagFlag){
431 $this->must_be_tagged = FALSE;
432 echo '<p class="seperator"> </p>';
433 echo "<div style='width:100%;text-align:right;'><form name='form' method='post' action='?plug=".$_GET['plug']."' target='_parent'>
434 <br><input type='submit' name='back' value='"._("Continue")."'>
435 </form></div>";
436 echo "<script language=\"javascript\" type=\"text/javascript\">scrollDown2();</script>" ;
437 }
438 }
441 /* Move/Rename complete trees */
442 function recursive_move($src_dn, $dst_dn,$force = false)
443 {
444 /* Print header to have styles included */
445 $smarty= get_smarty();
447 echo ' <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
448 <html>
449 <head>
450 <title></title>
451 <style type="text/css">@import url("themes/default/style.css");</style>
452 <script language="javascript" src="include/focus.js" type="text/javascript"></script>
453 </head>
454 <body style="background: none; margin:4px;" id="body" >
455 ';
456 echo "<h3>".sprintf(_("Moving '%s' to '%s'"),"<i>".@LDAP::fix($src_dn)."</i>","<i>".@LDAP::fix($dst_dn)."</i>")."</h3>";
459 /* Check if the destination entry exists */
460 $ldap= $this->config->get_ldap_link();
462 /* Check if destination exists - abort */
463 $ldap->cat($dst_dn, array('dn'));
464 if ($ldap->fetch()){
465 trigger_error("Recursive_move ".@LDAP::fix($dst_dn)." already exists.",
466 E_USER_WARNING);
467 echo sprintf("Recursive_move: '%s' already exists", @LDAP::fix($dst_dn))."<br>";
468 return (FALSE);
469 }
471 /* Perform a search for all objects to be moved */
472 $objects= array();
473 $ldap->cd($src_dn);
474 $ldap->search("(objectClass=*)", array("dn"));
475 while($attrs= $ldap->fetch()){
476 $dn= $attrs['dn'];
477 $objects[$dn]= strlen($dn);
478 }
480 /* Sort objects by indent level */
481 asort($objects);
482 reset($objects);
484 /* Copy objects from small to big indent levels by replacing src_dn by dst_dn */
485 foreach ($objects as $object => $len){
488 $src= str_replace("\\","\\\\",$object);
489 $dst= preg_replace("/".str_replace("\\","\\\\",$src_dn)."$/", "$dst_dn", $object);
490 $dst= str_replace($src_dn,$dst_dn,$object);
492 echo "<b>"._("Object").":</b> ".@LDAP::fix($src)."<br>";
494 $this->update_acls($object, $dst,TRUE);
496 if (!$this->copy($src, $dst)){
497 echo "<font color='#FF0000'><br>".sprintf(_("FAILED to copy %s, aborting operation"),@LDAP::fix($src))."</font>";
498 return (FALSE);
499 }
500 echo "<script language=\"javascript\" type=\"text/javascript\">scrollDown2();</script>" ;
501 flush();
502 }
504 /* Remove src_dn */
505 $ldap->cd($src_dn);
506 $ldap->recursive_remove();
507 $this->orig_dn = $this->dn = $dst_dn;
508 $this->orig_base= $this->base;
509 $this->entryCSN = getEntryCSN($this->dn);
511 echo '<p class="seperator"> </p>';
513 echo "<div style='width:100%;text-align:right;'><form name='form' method='post' action='?plug=".$_GET['plug']."' target='_parent'>
514 <br><input type='submit' name='back' value='"._("Continue")."'>
515 </form></div>";
517 echo "<script language=\"javascript\" type=\"text/javascript\">scrollDown2();</script>" ;
518 echo "</body></html>";
520 return (TRUE);
521 }
524 /* Return plugin informations for acl handling */
525 static function plInfo()
526 {
527 return (array("plShortName" => _("Generic"),
528 "plDescription" => _("Departments"),
529 "plSelfModify" => FALSE,
530 "plPriority" => 0,
531 "plDepends" => array(),
532 "plSection" => array("admin"),
533 "plCategory" => array("department" => array("objectClass" => "gosaDepartment", "description" => _("Departments"))),
535 "plProvidedAcls" => array(
536 "description" => _("Description"),
537 "c" => _("Country"),
538 "base" => _("Base"),
539 "l" => _("Location"),
540 "telephoneNumber" => _("Telephone"),
541 "ou" => _("Department name"),
542 "businessCategory" => _("Category"),
543 "st" => _("State"),
544 "postalAddress" => _("Address"),
545 "gosaUnitTag" => _("Administrative settings"),
546 "facsimileTelephoneNumber" => _("Fax"))
547 ));
548 }
550 function handle_object_tagging($dn= "", $tag= "", $show= false)
551 {
552 /* No dn? Self-operation... */
553 if ($dn == ""){
554 $dn= $this->dn;
556 /* No tag? Find it yourself... */
557 if ($tag == ""){
558 $len= strlen($dn);
560 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
561 $relevant= array();
562 foreach ($this->config->adepartments as $key => $ntag){
564 /* This one is bigger than our dn, its not relevant... */
565 if ($len <= strlen($key)){
566 continue;
567 }
569 /* This one matches with the latter part. Break and don't fix this entry */
570 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $dn)){
571 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
572 $relevant[strlen($key)]= $ntag;
573 continue;
574 }
576 }
578 /* If we've some relevant tags to set, just get the longest one */
579 if (count($relevant)){
580 ksort($relevant);
581 $tmp= array_keys($relevant);
582 $idx= end($tmp);
583 $tag= $relevant[$idx];
584 $this->gosaUnitTag= $tag;
585 }
586 }
587 }
589 /* Set tag? */
590 if ($tag != ""){
591 /* Set objectclass and attribute */
592 $ldap= $this->config->get_ldap_link();
593 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
594 $attrs= $ldap->fetch();
595 if(isset($attrs['gosaUnitTag'][0]) && $attrs['gosaUnitTag'][0] == $tag){
596 if ($show) {
597 echo sprintf(_("Object '%s' is already tagged"), @LDAP::fix($dn))."<br>";
598 flush();
599 }
600 return;
601 }
602 if (count($attrs)){
603 if ($show){
604 echo sprintf(_("Adding tag (%s) to object '%s'"), $tag, @LDAP::fix($dn))."<br>";
605 flush();
606 }
607 $nattrs= array("gosaUnitTag" => $tag);
608 $nattrs['objectClass']= array();
609 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
610 $oc= $attrs['objectClass'][$i];
611 if ($oc != "gosaAdministrativeUnitTag"){
612 $nattrs['objectClass'][]= $oc;
613 }
614 }
615 $nattrs['objectClass'][]= "gosaAdministrativeUnitTag";
616 $ldap->cd($dn);
617 $ldap->modify($nattrs);
618 if (!$ldap->success()){
619 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, get_class()));
620 }
621 } else {
622 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not tagging ($tag) $dn - seems to have moved away", "Tagging");
623 }
625 } else {
626 /* Remove objectclass and attribute */
627 $ldap= $this->config->get_ldap_link();
628 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
629 $attrs= $ldap->fetch();
630 if (isset($attrs['objectClass']) && !in_array_ics("gosaAdministrativeUnitTag", $attrs['objectClass'])){
631 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "$dn is not tagged", "Tagging");
632 return;
633 }
634 if (count($attrs)){
635 if ($show){
636 echo sprintf(_("Removing tag from object '%s'"), @LDAP::fix($dn))."<br>";
637 flush();
638 }
639 $nattrs= array("gosaUnitTag" => array());
640 $nattrs['objectClass']= array();
641 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
642 $oc= $attrs['objectClass'][$i];
643 if ($oc != "gosaAdministrativeUnitTag"){
644 $nattrs['objectClass'][]= $oc;
645 }
646 }
647 $ldap->cd($dn);
648 $ldap->modify($nattrs);
649 if (!$ldap->success()){
650 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, get_class()));
651 }
652 } else {
653 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not removing tag ($tag) $dn - seems to have moved away", "Tagging");
654 }
655 }
656 }
660 /*! \brief Returns a list of all available departments for this object.
661 If this object is new, all departments we are allowed to create a new user in are returned.
662 If this is an existing object, return all deps. we are allowed to move tis object too.
664 @return Array [dn] => "..name" // All deps. we are allowed to act on.
665 */
666 function get_allowed_bases()
667 {
668 $ui = get_userinfo();
669 $deps = array();
671 /* Is this a new object ? Or just an edited existing object */
672 if(!$this->initially_was_account && $this->is_account){
673 $new = true;
674 }else{
675 $new = false;
676 }
678 $ideps = $this->config->idepartments;
679 if(!isset($ideps[$this->base])){
680 $ideps[$this->base] = ".";
681 }
682 foreach($deps as $dn => $name){
683 if($new && $this->acl_is_createable($dn)){
684 $deps[$dn] = $name;
685 }elseif(!$new && $this->acl_is_moveable($dn)){
686 $deps[$dn] = $name;
687 }
688 }
690 /* Add current base */
691 if(isset($this->base) && isset($ideps[$this->base])){
692 $deps[$this->base] = $ideps[$this->base];
693 }else{
694 trigger_error("Cannot return list of departments, no default base found in class ".get_class($this).". ".$this->base);
695 }
696 return($deps);
697 }
699 }
701 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
702 ?>